WO2024022355A1 - Security vulnerability scanning task processing method based on rpa and ai, and related device - Google Patents

Abstract

The present disclosure relates to the fields of AI and RPA. Provided are a security vulnerability scanning task processing method based on RPA and AI, and a related device. The method comprises: determining the task type of a target security vulnerability scanning task to be processed; according to the task type, starting a security vulnerability scanning application program corresponding to the task type; and when the security vulnerability scanning application program is successfully started, configuring, in the security vulnerability scanning application program, scanning information of said target security vulnerability scanning task, so as to perform, according to the configured scanning information, scanning processing addressing said target security vulnerability scanning task. In this way, a security vulnerability scanning task can be processed without operations which are manually and frequently performed and have fixed and repeated steps, such that security engineers can be set free from tedious and repeated work.

Description

Security vulnerability scanning task processing method and related equipment based on RPA and AI

Cross-references to related applications

This application claims priority from Chinese Patent Application No. 2022108790845 filed in China on July 25, 2022, the entire content of which is incorporated herein by reference.

Technical field

This disclosure relates to the fields of Artificial Intelligence (AI for short) and Robotic Process Automation (RPA for short), and specifically relates to a security vulnerability scanning task processing method and related equipment based on RPA and AI.

Background technique

RPA uses specific "robot software" to simulate human operations on computers and automatically execute process tasks according to rules.

AI is a technical science that studies and develops theories, methods, technologies and application systems for simulating, extending and expanding human intelligence.

With the development of computer software technology and network technology, network security issues have become increasingly prominent. Due to improper coding by software developers, there can be a large number of vulnerabilities in the software we use every day. If there are vulnerabilities in the computer system and are not discovered and repaired in time, hackers will steal important information of the computer system or users through the vulnerabilities, causing serious consequences.

In related technologies, in order to discover network security problems in a timely manner, security engineers are required to regularly scan network security vulnerabilities. Since network security vulnerability scanning has many steps and the steps are fixed and repeated, this kind of security vulnerability scanning relies on frequent manual operations with fixed and repeated steps. This method brings great inconvenience to safety engineers.

Contents of the invention

The present disclosure aims to solve one of the technical problems in the above-mentioned technologies, at least to a certain extent.

To this end, embodiments of the present disclosure propose a security vulnerability scanning task processing method and related equipment based on RPA and AI to automatically start a security vulnerability scanning application corresponding to the task type of the target security vulnerability scanning task through the RPA robot, and The security vulnerability scanning application automatically configures the scanning information of the target security vulnerability scanning task, so that the security vulnerability scanning application scans and processes the target security vulnerability scanning task, eliminating the need for frequent manual operations with fixed and repeated steps to perform the security vulnerability scanning task. Processing can free safety engineers from boring and repetitive work.

The embodiment of the first aspect of the present disclosure proposes a security vulnerability scanning task processing method based on robotic process automation RPA and artificial intelligence AI. The method is executed by an RPA robot and includes: determining the task type of the target security vulnerability scanning task to be processed. ; According to the task type, start a security vulnerability scanning application corresponding to the task type; if the security vulnerability scanning application is successfully started, configure the target security vulnerability in the security vulnerability scanning application The scanning information of the scanning task is used to scan the target security vulnerability scanning task according to the configured scanning information.

The embodiment of the second aspect of the present disclosure proposes a security vulnerability scanning task processing device based on robotic process automation RPA and artificial intelligence AI, which is applied to the RPA robot and includes: a determination module for determining the target security vulnerability scanning task to be processed. Task type; a startup module, used to start a security vulnerability scanning application corresponding to the task type according to the task type; a processing module, used to start the security vulnerability scanning application when the security vulnerability scanning application is successfully started. The scanning information of the target security vulnerability scanning task is configured in the security vulnerability scanning application, so that the target security vulnerability scanning task is scanned and processed according to the configured scanning information.

The third embodiment of the present disclosure provides an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor. When the processor executes the computer program, the present disclosure is implemented. The method described in the above embodiment of the first aspect.

The fourth embodiment of the present disclosure provides a non-transitory computer-readable storage medium on which a computer program is stored. When the computer program is executed by a processor, the method described in the first embodiment of the disclosure is implemented.

The fifth aspect embodiment of the present disclosure proposes a computer program product, which includes a computer program. When executed by a processor, the computer program implements the method described in the above first aspect embodiment of the present disclosure.

The sixth embodiment of the present disclosure provides a computer program. The computer program includes computer program code. When the computer program code is run on a computer, it causes the computer to execute the method described in the first embodiment of the present disclosure. method.

The technical solutions provided by the embodiments of the present disclosure include the following beneficial effects:

The disclosed technical solution uses an RPA robot to determine the task type of the target security vulnerability scanning task to be processed; according to the task type, start the security vulnerability scanning application corresponding to the task type; when the security vulnerability scanning application is started If successful, the scanning information of the target security vulnerability scanning task is configured in the security vulnerability scanning application, so that the target security vulnerability scanning task is scanned and processed according to the configured scanning information, thereby, through RPA The robot automatically starts a security vulnerability scanning application corresponding to the task type of the target security vulnerability scanning task, and automatically configures the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application, so that the security vulnerability scanning application is safe for the target. Vulnerability scanning tasks are scanned and processed, eliminating the need for frequent manual operations with fixed and repetitive steps to process security vulnerability scanning tasks, which can free security engineers from boring and repetitive work.

Additional aspects and advantages of the disclosure will be set forth in part in the description which follows, and in part will be obvious from the description, or may be learned by practice of the disclosure.

Description of drawings

The above and/or additional aspects and advantages of the present disclosure will become apparent and readily understood from the following description of the embodiments in conjunction with the accompanying drawings, in which:

Figure 1 is a schematic flow chart of a host security vulnerability scanning method provided in related technologies;

Figure 2 is a schematic flow chart of a website security vulnerability scanning method provided in related technologies;

Figure 3 is a schematic flow chart of a security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure;

Figure 4 is a schematic flow chart of another security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure;

Figure 5 is a schematic flowchart of another security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure;

Figure 6 is a schematic flowchart of another security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure;

Figure 7 is a schematic flow chart of another security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure;

Figure 8 is a schematic flow chart of another security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure;

Figure 9 is a schematic diagram of a new task page for host scanning provided by an embodiment of the present disclosure;

Figure 10 is a schematic diagram of a host security vulnerability scanning submission page based on RPA and AI provided by an embodiment of the present disclosure;

Figure 11 is a schematic diagram of the scanning progress of host security vulnerability scanning based on RPA and AI provided by an embodiment of the present disclosure;

Figure 12 is a schematic flow chart of another security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure;

Figure 13 is a schematic diagram of a new website scanning task interface provided by an embodiment of the present disclosure;

Figure 14 is a schematic diagram of a scanning configuration wizard for a website security vulnerability scanning task provided by an embodiment of the present disclosure;

Figure 15 is a schematic diagram of a scanning configuration wizard for another website security vulnerability scanning task provided by an embodiment of the present disclosure;

Figure 16 is a schematic diagram of a scanning configuration wizard for another website security vulnerability scanning task provided by an embodiment of the present disclosure;

Figure 17 is a schematic diagram of a scanning configuration wizard for another website security vulnerability scanning task provided by an embodiment of the present disclosure;

Figure 18 is a schematic diagram of a scanning configuration wizard for another website security vulnerability scanning task provided by an embodiment of the present disclosure;

Figure 19 is a schematic diagram of the scanning result configuration wizard of a website security vulnerability scanning task provided by an embodiment of the present disclosure. picture;

Figure 20 is a schematic flowchart of a security vulnerability scanning task processing device based on RPA and AI provided by an embodiment of the present disclosure;

Figure 21 is a block diagram of an electronic device used for a security vulnerability scanning task processing method based on RPA and AI according to an embodiment of the present disclosure.

Detailed ways

Embodiments of the present disclosure are described in detail below, examples of which are illustrated in the accompanying drawings, wherein the same or similar reference numerals throughout represent the same or similar elements or elements having the same or similar functions. The embodiments described below with reference to the drawings are exemplary and intended to explain the present disclosure, but are not to be construed as limitations of the present disclosure.

In order to discover network security issues in a timely manner, security engineers need to perform network security vulnerability scanning regularly. Since network security vulnerability scanning has many steps and the steps are repetitive, for example, as shown in Figure 1 and Figure 2, host security vulnerability scanning and website security There are many steps in vulnerability scanning and the steps are repetitive. Moreover, there are a large number of reports on network security vulnerability scanning results and rectification suggestions, which need to be written manually, and the network security vulnerability scanning results and rectification suggestions are manually sent by email to notify the user unit. This method of relying on frequent manual operations with fixed and repetitive steps to scan security vulnerabilities, as well as manually writing and sending reports on network security vulnerability scan results and rectification suggestions, has brought great inconvenience to security engineers.

In response to the above problems, embodiments of the present disclosure propose a security vulnerability scanning task processing method and related equipment based on RPA and AI.

The security vulnerability scanning task processing method and related equipment based on RPA and AI according to the embodiment of the present disclosure will be described below with reference to the accompanying drawings. Before describing the embodiments of the present disclosure in detail, in order to facilitate understanding, common technical terms are first introduced:

"Security vulnerabilities" refer to defects in the specific implementation of hardware, software, protocols, or system security policies;

"Task type" refers to the type of target security vulnerability scanning task, such as host scanning or website scanning;

"Optical Character Recognition (OCR)" refers to the process in which electronic equipment examines characters printed on paper, determines their shape by detecting dark and light patterns, and then uses character recognition methods to translate the shape into computer text; That is, for printed characters, it uses optical methods to convert the text in the paper document into a black and white dot matrix image file, and uses recognition software to convert the text in the image into a text format for further editing and processing by word processing software. ;

"Security vulnerability scanning application" refers to an application that can perform security vulnerability scanning tasks, such as an application that can perform host security vulnerability tasks, or an application that can perform website security vulnerability tasks;

"Scan information" refers to the scanning parameters corresponding to the target security vulnerability scanning task;

"Scan parameters" refers to the setting values for executing the scan. The scan parameters may include: the time period during which the scan is executed, the scan type type and scan priority, etc.

"Natural Language Processing (NLP)" refers to the technology of interactive communication with machines using the natural language used in human communication, which can be applied to information extraction;

Figure 3 is a schematic flowchart of a security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure.

The security vulnerability scanning task processing method based on RPA and AI provided by the embodiment of the present disclosure is executed by an RPA robot, and the RPA robot can run in any electronic device with computing capabilities. The electronic device may be a personal computer, a mobile terminal, etc. The mobile terminal is, for example, a mobile phone, a tablet computer, a personal digital assistant and other hardware devices with various operating systems.

As shown in Figure 3, the security vulnerability scanning task processing method based on RPA and AI may include the following steps 301 to 303.

Step 301: Determine the task type of the target security vulnerability scanning task to be processed.

What needs to be understood is that different security vulnerability scanning tasks correspond to different task types. Network security engineers can control the RPA robot to select the task type of the target security vulnerability scanning task to be processed based on security requirements. For example, the task type can be host scanning or Website scanning.

Step 302: According to the task type, start the security vulnerability scanning application corresponding to the task type.

It should be noted that different task types can correspond to the same security vulnerability scanning application, or they can correspond to different security vulnerability scanning applications. That is, the same security vulnerability scanning application can scan and process multiple types of security vulnerability scanning tasks, or it can Scanning handles one type of security vulnerability scanning task, which is not specifically limited in this disclosure.

In the embodiment of the present disclosure, the RPA robot can query and start a security vulnerability scanning application that can handle the task type according to the task type. Wherein, it should be noted that, in response to the existence of multiple security vulnerability scanning applications that can handle the task type, one of the security vulnerability scanning applications is randomly selected, and the selected security vulnerability scanning application is started.

Step 303: When the security vulnerability scanning application is successfully started, configure the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application, so as to scan the target security vulnerability scanning task according to the configured scanning information.

In some embodiments, when the security vulnerability scanning application is successfully started, the scanning information can be configured in the security vulnerability scanning application, so that the security vulnerability scanning application can perform target security based on the configured scanning information. Vulnerability scanning tasks perform scanning processing.

In summary, the RPA robot automatically starts the security vulnerability scanning application corresponding to the task type of the target security vulnerability scanning task, and automatically configures the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application, so that the security vulnerability scanning The application performs scanning tasks on target security vulnerabilities without manual frequent and The steps are fixed and repeated to perform scanning and processing of security vulnerability scanning tasks, which can free security engineers from boring and repetitive work.

In order to clearly explain how the RPA robot configures the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application when the security vulnerability scanning application is successfully started, so that the security vulnerability scanning application can scan the target according to the configured scanning information. The target security vulnerability scanning task is scanned and processed as shown in Figure 4. Figure 4 is a schematic flow chart of another security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure. In this disclosed embodiment, the RPA robot can create a new target security vulnerability scanning task page in the security vulnerability scanning application, enter the scanning parameters corresponding to the target security vulnerability scanning task in the target security vulnerability scanning task page, and trigger the security vulnerability scanning task page. The vulnerability scanning application is used to scan the target security vulnerability scanning task, so that the security vulnerability scanning application processes the target security vulnerability scanning task. The embodiment shown in Figure 4 may include the following steps 401 to 405.

Step 401: Determine the task type of the target security vulnerability scanning task to be processed.

Step 402: According to the task type, start a security vulnerability scanning application corresponding to the task type.

Step 403: When the security vulnerability scanning application is successfully started, trigger a control in the security vulnerability scanning application for creating a target security vulnerability scanning task page to create a new target security vulnerability scanning task page corresponding to the task type.

In some embodiments, when the security vulnerability scanning application is successfully launched, the RPA robot can automatically trigger the control for creating a new target security vulnerability scanning task page in the security vulnerability scanning application, so that the security vulnerability scanning application can create a new Target security vulnerability scanning task page corresponding to the task type.

Step 404: If the target security vulnerability scanning task page is successfully created, enter the scanning parameters corresponding to the target security vulnerability scanning task on the target security vulnerability scanning task page.

Then, if the target security vulnerability scanning task page is successfully created, the RPA robot can automatically enter the scanning parameters corresponding to the target security vulnerability scanning task in the newly created target security vulnerability scanning task page.

It should be noted that before the RPA robot automatically enters the scanning parameters corresponding to the target security vulnerability scanning task in the newly created target security vulnerability scanning task page, it can obtain the target file matching the task type based on the task type, and based on NLP technology , extract the scanning parameters corresponding to the target security vulnerability scanning task from the target file.

That is to say, the RPA robot can query the file directory of the security vulnerability scanning application for the target file that matches the task type based on the task type, and based on NLP technology, extract the scan corresponding to the target security vulnerability scanning task from the target file. Parameters, where the scanning parameters may include but are not limited to the name of the scanning task to perform the scan, the time period during which the scan is performed, the type of scan, the priority of the scan, and the Internet Protocol (IP) address or website of the host that performs the scan. Resource locator (uniform resource locator, URL for short) address, etc.

Step 405: After the input of scanning parameters is completed, trigger the control in the security vulnerability scanning application for scanning the target security vulnerability scanning task, so as to scan the target security vulnerability scanning task according to the scanning parameters.

Furthermore, when the input of scanning parameters is completed, the RPA robot can automatically trigger the control in the security vulnerability scanning application for scanning the target security vulnerability scanning task, so that the security vulnerability scanning application can perform the target security vulnerability scanning task according to the scanning parameters. Scan processing.

It should be noted that in order to improve the flexibility of scanning processing, after the input of scanning parameters is completed, the RPA robot can also scan the input before triggering the control used to scan the target security vulnerability scanning task in the security vulnerability scanning application. The parameters are updated (for example, edited and deleted). After the scanning parameters are updated, the RPA robot triggers the control in the security vulnerability scanning application for scanning the target security vulnerability scanning task, so that the security vulnerability scanning application can be based on the updated scanning parameters. Scan and process the target security vulnerability scanning task.

It should be noted that the execution process of steps 401 to 402 can be implemented in any manner in the embodiments of the present disclosure. The embodiments of the present disclosure do not limit this and will not be described again.

In summary, when the security vulnerability scanning application is successfully started, the control for creating a target security vulnerability scanning task page in the security vulnerability scanning application is triggered to create a new target security vulnerability scanning task page corresponding to the task type; target If the security vulnerability scanning task page is successfully created, on the target security vulnerability scanning task page, enter the scanning parameters corresponding to the target security vulnerability scanning task; when the scanning parameters are entered, trigger the scanning in the security vulnerability scanning application. The control of the target security vulnerability scanning task is used to scan and process the target security vulnerability scanning task according to the scanning parameters. Therefore, the RPA robot can automatically configure the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application without manual configuration. It can improve the efficiency and accuracy of scanning parameter configuration.

In order to clearly illustrate how the RPA robot starts the security vulnerability scanning application corresponding to the task type according to the task type, as shown in Figure 5, Figure 5 is another security vulnerability based on RPA and AI provided by the embodiment of the present disclosure. Flow chart of scanning task processing method. In an embodiment of the present disclosure, in response to the task type being host scanning, in at least one security vulnerability scanning application, the security vulnerability scanning application corresponding to the task type is queried and started. The embodiment shown in Figure 5 may include the following steps 501 to 505.

Step 501: Determine the task type of the target security vulnerability scanning task to be processed.

Step 502: In at least one security vulnerability scanning application, query the target security vulnerability scanning application whose task type for scanning processing matches host scanning.

In some embodiments, the RPA robot queries the target security vulnerability scanning application that matches the host scan based on the task type of scanning processing of each security vulnerability application in at least one security vulnerability application. The number of security vulnerability scanning applications that match the host scan based on the task type of scanning processing is multiple. From the multiple security vulnerability scanning applications, one of the security vulnerability scanning applications is randomly selected as the target security vulnerability scanning application. .

Step 503: Trigger the control on the target security vulnerability scanning application for displaying the login page to display the target Scan the application's landing page for security vulnerabilities.

Furthermore, the RPA robot can automatically trigger the control for displaying the login page on the target security vulnerability scanning application, so that the target security vulnerability scanning application displays the landing page. For example, the RPA robot can double-click the target security vulnerability scanning application, thereby, the target Security vulnerability scanning applications can display landing pages.

Step 504: Enter login information on the login page to perform login based on the login information.

In some embodiments, when the login page displays the set content in response to the input account information, the control on the login page for obtaining the verification code is triggered; the target information is received through the instant messaging software associated with the account information; based on NLP Technology to extract the verification code from the target information; enter the verification code on the login page to perform login based on the verification code and account information.

In the embodiment of the present disclosure, the login information may include account information, and the account information may include a mobile phone number, an email number, etc. It can be understood that the login information may also include other information, such as password information, picture verification code, etc., This disclosure does not limit this.

It should be noted that for the image verification code, OCR technology can be used to identify the characters on the image and obtain the image verification code, so that the RPA robot can be controlled to enter the recognized image verification code on the login page.

In the embodiment of the present disclosure, when the login page displays the setting content in response to the input login information, the RPA robot can be controlled to trigger the control on the login page for obtaining the verification code. For example, the control can be on the login page. The Get Verification Code control is displayed. The setting content can be used to indicate that a verification code is required to log in. For example, the setting content can be "Please enter the verification code."

In some embodiments, the target information may be information including a verification code. After receiving the verification code through the mobile phone communication card in the mobile terminal, the security engineer can enter the target information including the verification code in the instant messaging software associated with the account information. , Correspondingly, the instant messaging software associated with the above account information can send the target information to the RPA robot through the chatbot (Chatbot). It should be understood that the target information may not only contain the verification code, but also other characters, such as the target information It can be "Verification code is: 123456". Therefore, in the embodiment of the present disclosure, in order to improve the accuracy and reliability of the verification code acquisition results, the verification code in the target information can be extracted based on natural language processing NLP technology.

In some embodiments, NLP technology can be used to identify whether there are a set number of consecutive numbers and/or characters in the target information, and in response to the presence, the set number of consecutive numbers and/or characters will be identified. as a verification code. In some embodiments, the number is set to 6, for example. In response to the presence of 6 consecutive numbers in the recognition target information, the recognized "123456" is used as the verification code. Furthermore, after extracting the verification code, the RPA robot is controlled to enter the verification code on the login page to perform login based on the verification code and login information.

Step 505: When the security vulnerability scanning application is started successfully, configure the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application, so as to perform the target security vulnerability scanning task according to the configured scanning information. Scan and process the task.

It should be noted that the execution processes of steps 501 and 505 can be implemented in any manner in the embodiments of the present disclosure. The embodiments of the present disclosure do not limit this and will not be described again.

In summary, by in at least one security vulnerability scanning application, querying the target security vulnerability scanning application whose task type the scanning process matches the host scan; triggering the control on the target security vulnerability scanning application for displaying the login page to display The login page of the target security vulnerability scanning application; enter the login information on the login page to perform login based on the login information. From this, the RPA robot can automatically start the security vulnerability scanning application corresponding to the task type.

In order to further improve the scanning accuracy of the security vulnerability scanning task, as shown in Figure 6, Figure 6 is a schematic flow chart of another security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure. In response to the security vulnerability scanning application scanning and processing the target security vulnerability scanning task according to the configured scanning information, the RPA robot verifies the configured scanning information to determine whether the configured scanning information is empty. When the configured scanning information is empty, the scanning information can be reconfigured. The embodiment shown in Figure 6 can include the following steps 601 to 605.

Step 601: Determine the task type of the target security vulnerability scanning task to be processed.

Step 602: According to the task type, start the security vulnerability scanning application corresponding to the task type.

Step 603: If the security vulnerability scanning application is successfully started, configure the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application, so as to scan the target security vulnerability scanning task according to the configured scanning information.

Step 604: Verify whether each scanning parameter required for scanning processing is empty.

In order to improve the accuracy of scanning processing, in the embodiment of the present disclosure, during the scanning process of the target security vulnerability scanning task, the RPA robot can query whether the configured scanning information contains There are various scan parameters required for scan processing to determine whether the scan parameters required for scan processing are missing from the configured scan information.

Step 605: If at least one scan parameter required for scanning processing is empty, re-configure the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application.

In some embodiments, in response to the lack of at least one scanning parameter required for scanning processing in the configured scanning information, the PRA robot reconfigures the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application.

It should be noted that the execution process of steps 601 to 603 can be implemented in any manner in the embodiments of the present disclosure. The embodiments of the present disclosure do not limit this and will not be described again.

In summary, when at least one scanning parameter required for scanning processing is empty, the PRA robot can re-configure the scanning information, which improves the accuracy of scanning processing.

In order to allow relevant personnel to promptly understand the processing results of the target security vulnerability scanning task, as shown in Figure 7, Figure 7 is a flow chart of another security vulnerability scanning task processing method based on RPA and AI provided by an embodiment of the present disclosure. In this disclosed embodiment, the RPA robot can generate a security vulnerability scanning processing information file based on the processing information of the target security vulnerability scanning task, and send the file to the user end. The embodiment shown in Figure 7 can include the following steps 701 to 707 .

Step 701: Determine the task type of the target security vulnerability scanning task to be processed.

Step 702: According to the task type, start the security vulnerability scanning application corresponding to the task type.

Step 703: If the security vulnerability scanning application is successfully started, configure the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application, so as to scan the target security vulnerability scanning task according to the configured scanning information.

Step 704: Obtain the scanning processing information of the target security vulnerability scanning task.

In this disclosed embodiment, after the target security vulnerability scanning task is processed, the RPA robot can obtain the scanning processing information of the target security vulnerability scanning task, where the scanning processing information can include the number of security vulnerabilities processed in this scanning and each security vulnerability. Description of the vulnerability.

Step 705: Based on the optical character recognition technology OCR, identify the number of security vulnerabilities in the scanned processing information and the description information of each security vulnerability.

Step 706: Generate a security vulnerability scanning processing information file based on the number of security vulnerabilities and the description information of at least one security vulnerability.

In order to facilitate the RPA robot to automatically compile the security vulnerability scanning processing information file according to the number of security vulnerabilities and the description information of each security vulnerability, in the embodiment of the present disclosure, the number of security vulnerabilities and each security vulnerability in the scanning processing information can be identified based on OCR. Based on the description information, the RPA robot can automatically trigger the Word component to complete the writing of security vulnerability scanning and processing information files.

Step 707: Send the security vulnerability scanning processing information file to the client.

In some embodiments, the RPA robot can trigger a control (such as a mailbox) for sending the security vulnerability scanning processing information file to send the security vulnerability scanning processing information file to the user terminal for review by relevant personnel.

It should be noted that the execution process of steps 701 to 703 can be implemented in any manner in the embodiments of the present disclosure. The embodiments of the present disclosure do not limit this and will not be described again.

In summary, by obtaining the scanning processing information of the target security vulnerability scanning task; based on the optical character recognition technology OCR, identify the number of security vulnerabilities in the scanning processing information and the description information of each security vulnerability; based on the optical character recognition technology OCR, identify the scanning processing information The number of security vulnerabilities and the description information of each security vulnerability; based on the number of security vulnerabilities and the description information of at least one security vulnerability, a security vulnerability scanning processing information file is generated. From this, the RPA robot can automatically write a security vulnerability scanning processing information file. And the security vulnerability scanning processing information file is automatically sent to the user end, saving labor costs.

In order to clearly illustrate the above embodiments, examples are given.

For example, if the task type is host scanning, as shown in Figure 8, it includes: In the first step, the RPA robot uses the mouse and keyboard to simulate manual operations to automatically enter user names and passwords, and uses OCR recognition and keyboard automatic input verification. code to realize the login of the host scanning system. It should be noted that before the RPA robot logs in to the host scanning system, the RPA robot can be initialized first to ensure that the RPA robot can be used normally;

In the second step, the RPA robot uses the mouse to simulate clicking on the function menu "Scan Task-Host Scan" to open the "Host Scan" page;

In the third step, as shown in Figure 9, the RPA robot simulates a mouse click on the "New" button to open the host scanning new task page;

In the fourth step, the RPA robot simulates the mouse and keyboard to input the automatically obtained system time into the task name column and the IP address list automatically read from the Excel file into the scan target column;

In the fifth step, the RPA robot simulates a mouse click and automatically closes the item "Whether to ignore high-risk vulnerabilities to prevent device abnormalities";

Step 6: The RPA robot simulates a mouse click on "Next";

The seventh step, as shown in Figure 10, the RPA robot simulates the mouse click "Submit" to start scanning the hosts one by one, and during the scanning process, as shown in Figure 11, the RPA robot can also check the scanning progress of each host scanning task; and

Step 8: After the scan is completed, export the host scan results report.

It should be noted that the RPA robot can also verify the input scanning parameters, such as the task name and automatically read the IP address list in the Excel file for verification. If at least one of the scanning parameters required for scanning processing is empty, Next, reconfigure the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application.

For another example, take the task type of website scanning as an example, as shown in Figure 12, including: In the first step, the RPA robot automatically starts the scanning tool "XXAPP". It should be noted that before the RPA robot logs in to the host scanning system, You can initialize the RPA robot first to ensure that the RPA robot can be used normally;

In the second step, as shown in Figure 13, the RPA robot automatically clicks "File-New" to open the new website scanning task interface;

In the third step, the RPA robot automatically clicks "Scan web application" to open the new task wizard;

The fourth step, as shown in Figure 14, the RPA robot automatically enters the website domain name or website IP that needs to be scanned in the pop-up message dialog box;

In the fifth step, the RPA robot automatically clicks "Next";

In the sixth step, as shown in Figure 15, the RPA robot automatically clicks "Yes" and "Next" successively;

In the seventh step, as shown in Figure 16, the RPA robot automatically clicks "Next";

Step 8, as shown in Figure 17, the RPA robot automatically clicks "Next"; and

The ninth step, as shown in Figure 18 and Figure 19, automatically click "Finish" and "No" successively to start the website scan.

As a result, the RPA robot can complete a series of operations that replace manual creation of host scanning tasks and start scanning, improving the efficiency of scanning processing. For example, the RPA robot can complete the creation and start execution of a scanning task of 800 host IPs in 50 seconds; For another example, the RPA robot can automatically complete the creation of website scanning tasks and start the website scanning tasks within 40 seconds.

The security vulnerability scanning task processing method based on RPA and AI in the embodiment of the present disclosure determines the task type of the target security vulnerability scanning task to be processed; according to the task type, starts the security vulnerability scanning application corresponding to the task type; in the security vulnerability When the scanning application is started successfully, the scanning information of the target security vulnerability scanning task is configured in the security vulnerability scanning application, so that the target security vulnerability scanning task is scanned and processed based on the configured scanning information. Thus, the RPA robot automatically Start a security vulnerability scanning application corresponding to the task type of the target security vulnerability scanning task, and automatically configure the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application, so that the security vulnerability scanning application scans the target security vulnerability The task is scanned and processed without the need for frequent manual operations with fixed and repeated steps to scan and process security vulnerability scanning tasks, which saves labor costs and improves the efficiency of scanning processing, freeing security engineers from boring and repetitive work and investing in more work. High value work.

Corresponding to the security vulnerability scanning task processing method based on RPA and AI provided by the above embodiments of FIG. 3 to FIG. 19 , the embodiment of the present disclosure also provides a security vulnerability scanning task processing device based on RPA and AI. Due to the embodiment of the present disclosure The provided security vulnerability scanning task processing device based on RPA and AI corresponds to the security vulnerability scanning task processing method based on RPA and AI provided in the above embodiments of Figures 3 to 19. Therefore, in the security vulnerability scanning task processing based on RPA and AI The implementation of the method is also applicable to the security vulnerability scanning task processing device based on RPA and AI provided in the embodiment of the present disclosure, and will not be described in detail in the embodiment of the present disclosure.

Figure 20 is a schematic structural diagram of a security vulnerability scanning task processing device based on RPA and AI provided by an embodiment of the present disclosure.

As shown in Figure 20, the security vulnerability scanning task processing device 2000 based on RPA and AI is applied to the RPA robot and includes: a determination module 2010, a startup module 2020 and a processing module 2030.

Among them, the determination module is used to determine the task type of the target security vulnerability scanning task to be processed; the startup module 2020 is used to start the security vulnerability scanning application corresponding to the task type according to the task type; the processing module 2030 is used to perform the security vulnerability scanning When the vulnerability scanning application is started successfully, configure the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application, so that the target security vulnerability scanning task is scanned and processed based on the configured scanning information.

In some embodiments, the processing module 2030 is also used to: when the security vulnerability scanning application is started successfully, trigger the control in the security vulnerability scanning application for creating a target security vulnerability scanning task page to create a new task corresponding to the task type. The target security vulnerability scanning task page; if the target security vulnerability scanning task page is successfully created, on the target security vulnerability scanning task page, enter the scanning parameters corresponding to the target security vulnerability scanning task; in the setting node status, the scanning parameter input is completed In case of triggering security vulnerability scanning application is used to scan target security vulnerabilities Control of the hole scanning task to scan and process the target security vulnerability scanning task according to the scanning parameters.

In some embodiments, the security vulnerability scanning task processing device 2000 based on RPA and AI also includes: a first acquisition module and an extraction module.

Among them, the first acquisition module is used to acquire the target file matching the task type according to the task type; the extraction module is used to extract the scanning parameters corresponding to the target security vulnerability scanning task from the target file based on natural language processing NLP technology.

In some embodiments, the task type is host scanning, and the startup module 2020 is further configured to: in at least one security vulnerability scanning application, query the target security vulnerability scanning application whose task type matched with the host scanning; trigger the target security vulnerability scanning application. A control on the vulnerability scanning application used to display the login page to display the login page of the target security vulnerability scanning application; enter login information on the login page to perform login based on the login information.

In some embodiments, the login information includes account information and verification code, and the startup module 2020 is also configured to: trigger the login page for obtaining the verification code when the login page displays the setting content in response to the input account information. Control; receive target information through instant messaging software associated with account information; extract the verification code in the target information based on natural language processing NLP technology; enter the verification code on the login page to perform login based on the verification code and account information.

In some embodiments, the security vulnerability scanning task processing device 2000 based on RPA and AI also includes: a verification module and a setting module.

Among them, the verification module is used to verify whether each scanning parameter required for scanning processing is empty; the setting module is used to re-enter the security vulnerability scanning application when at least one scanning parameter required for scanning processing is empty. Configure the scanning information of the target security vulnerability scanning task.

In some embodiments, the security vulnerability scanning task processing device 2000 based on RPA and AI also includes: a second acquisition module, an identification module, a generation module and a sending module.

Among them, the second acquisition module is also used to obtain the scanning processing information of the target security vulnerability scanning task; the identification module is used to identify the number of security vulnerabilities in the scanning processing information and the description information of each security vulnerability based on the optical character recognition technology OCR; The generation module is used to generate a security vulnerability scanning processing information file based on the number of security vulnerabilities and the description information of at least one security vulnerability; the sending module is used to send the security vulnerability scanning processing information file to the user end.

The security vulnerability scanning task processing device based on RPA and AI in the embodiment of the present disclosure is applied to the RPA robot and determines the task type of the target security vulnerability scanning task to be processed; according to the task type, the security vulnerability scanning application corresponding to the task type is started. program; when the security vulnerability scanning application is started successfully, configure the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application, so as to scan and process the target security vulnerability scanning task according to the configured scanning information, thus , the RPA robot automatically starts the security vulnerability scanning application corresponding to the task type of the target security vulnerability scanning task, and automatically configures the scanning information of the target security vulnerability scanning task in the security vulnerability scanning application, so that the security vulnerability scanning application Conduct scanning tasks for target security vulnerabilities Scanning processing eliminates the need for frequent manual operations with fixed and repetitive steps to perform scanning processing of security vulnerability scanning tasks, saving labor costs and improving scanning processing efficiency, which can free security engineers from boring and repetitive work and invest in higher value at work.

In order to implement the above embodiments, embodiments of the present disclosure also provide an electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor. When the processor executes the computer program, The security vulnerability scanning task processing method based on RPA and AI is as described in any of the foregoing method embodiments.

In order to implement the above embodiments, embodiments of the present disclosure also provide a non-transitory computer-readable storage medium on which a computer program is stored. When the computer program is executed by a processor, the method described in any of the foregoing method embodiments is implemented based on RPA and AI security vulnerability scanning task processing methods.

In order to implement the above embodiments, embodiments of the present disclosure also provide a computer program product. When the instruction processor in the computer program product is executed, the security vulnerability based on RPA and AI as described in any of the foregoing method embodiments is realized. Scan task processing method.

In order to implement the above embodiments, an embodiment of the present disclosure also proposes a computer program. The computer program includes computer program code. When the computer program code is run on a computer, it causes the computer to execute as described in any of the foregoing method embodiments. Security vulnerability scanning task processing method based on RPA and AI.

In order to implement the above embodiments, embodiments of the present disclosure also provide an electronic device, as shown in Figure 21. Figure 21 is an electronic device for a security vulnerability scanning task processing method based on RPA and AI according to an embodiment of the disclosure. Block diagram of the device.

As shown in Figure 21, the above-mentioned electronic device 2100 includes:

The memory 2110 and the processor 2120 are connected to the bus 2130 of different components (including the memory 2110 and the processor 2120). The memory 2110 stores a computer program. When the processor 2120 executes the program, the RPA-based and AI security vulnerability scanning task processing method.

Bus 2130 represents one or more of several types of bus structures, including a memory bus or memory controller, a peripheral bus, a graphics accelerated port, a processor, or a local bus using any of a variety of bus structures. For example, these architectures include, but are not limited to, the Industry Standard Architecture (ISA) bus, the Micro Channel Architecture (MAC) bus, the Enhanced ISA bus, the Video Electronics Standards Association (VESA) local bus, and the Peripheral Component Interconnect ( PCI) bus.

Electronic device 2100 typically includes a variety of electronic device-readable media. These media can be any available media that can be accessed by electronic device 2100, including volatile and nonvolatile media, removable and non-removable media.

Memory 2110 may also include computer system readable media in the form of volatile memory, such as random access memory (RAM) 2140 and/or cache memory 2150. Electronic device 2100 may further include other removable/non-removable, volatile/non-volatile computer system storage media. By way of example only, storage system 2160 may use For reading and writing non-removable, non-volatile magnetic media (not shown in Figure 21, often called a "hard drive"). Although not shown in FIG. 21, a disk drive for reading and writing removable non-volatile disks (e.g., "floppy disks"), and removable non-volatile optical disks (e.g., CD-ROM, DVD-ROM) may be provided. or other optical media) that can read and write optical disc drives. In these cases, each drive may be connected to bus 2130 through one or more data media interfaces. Memory 2110 may include at least one program product having a set (eg, at least one) of program modules configured to perform the functions of embodiments of the present disclosure.

A program/utility 2180 having a set of (at least one) program modules 2170, including but not limited to an operating system, one or more application programs, other program modules, and program data, may be stored, for example, in memory 2110 , each of these embodiments or some combination may include the implementation of a network environment. Program modules 2170 generally perform the functions and/or methods described in embodiments of the present disclosure.

Electronic device 2100 may also communicate with one or more external devices 2190 (e.g., keyboard, pointing device, display, etc.), with one or more devices that enable a user to interact with electronic device 2100, and/or with The electronic device 2100 can communicate with any device (eg, network card, modem, etc.) that communicates with one or more other computing devices. This communication may occur through input/output (I/O) interface 2192. Furthermore, the electronic device 2100 may also communicate with one or more networks (eg, a local area network (LAN), a wide area network (WAN), and/or a public network, such as the Internet) through a network adapter 2193. As shown in Figure 21, network adapter 2193 communicates with other modules of electronic device 2100 through bus 2130. It should be understood that, although not shown in Figure 21, other hardware and/or software modules may be used in conjunction with electronic device 2100, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tapes drives and data backup storage systems, etc.

The processor 2120 executes various functional applications and data processing by running programs stored in the memory 2110 .

It should be noted that for the implementation process and technical principles of the electronic device of this embodiment, please refer to the explanation of the security vulnerability scanning task processing based on RPA and AI in the embodiment of the present disclosure in FIG. 3 to FIG. 19 , and will not be described again here.

It should be noted that the foregoing explanations of the embodiments of the security vulnerability scanning task processing method based on RPA and AI are also applicable to the electronic devices, computer-readable storage media, computer program products and computer programs of the embodiments of the present disclosure, and are not included here. Again. All embodiments of the present disclosure can be executed alone or in combination with other embodiments, which are considered to be within the scope of protection claimed by the present disclosure.

In the description of this specification, reference to the terms "one embodiment,""someembodiments,""anexample,""specificexamples," or "some examples" or the like means that specific features are described in connection with the embodiment or example. , structures, materials, or features are included in at least one embodiment or example of the present disclosure. In this specification, the schematic expressions of the above terms are not necessarily directed to the same embodiment or example. Furthermore, the specific features, structures, materials or characteristics described may be combined in any suitable manner in any one or more embodiments or examples. Furthermore, to the extent not contradictory, the knowledge in the art The skilled person may combine and combine the different embodiments or examples described in this specification and the features of the different embodiments or examples.

In addition, the terms “first” and “second” are used for descriptive purposes only and cannot be understood as indicating or implying relative importance or implicitly indicating the quantity of indicated technical features. Therefore, features defined as "first" and "second" may explicitly or implicitly include at least one of these features. In the description of the present disclosure, "plurality" means at least two, such as two, three, etc., unless otherwise expressly and specifically limited.

Any process or method descriptions in flowcharts or otherwise described herein may be understood to represent modules, segments, or portions of code that include one or more executable instructions for implementing customized logical functions or steps of the process. , and the scope of the preferred embodiments of the present disclosure includes additional implementations in which functions may be performed out of the order shown or discussed, including in a substantially simultaneous manner or in the reverse order, depending on the functionality involved, which shall It should be understood by those skilled in the art to which embodiments of the present disclosure belong.

The logic and/or steps represented in the flowcharts or otherwise described herein, for example, may be considered a sequenced list of executable instructions for implementing the logical functions, and may be embodied in any computer-readable medium, For use by, or in combination with, instruction execution systems, devices or devices (such as computer-based systems, systems including processors or other systems that can fetch instructions from and execute instructions from the instruction execution system, device or device) or equipment. For the purposes of this specification, a "computer-readable medium" may be any device that can contain, store, communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. More specific examples (non-exhaustive list) of computer readable media include the following: electrical connections with one or more wires (electronic device), portable computer disk cartridges (magnetic device), random access memory (RAM), Read-only memory (ROM), erasable and programmable read-only memory (EPROM or flash memory), fiber optic devices, and portable compact disc read-only memory (CDROM). Additionally, the computer-readable medium may even be paper or other suitable medium on which the program may be printed, as the paper or other medium may be optically scanned, for example, and subsequently edited, interpreted, or otherwise suitable as necessary. process to obtain the program electronically and then store it in computer memory.

It should be understood that various parts of the present disclosure may be implemented in hardware, software, firmware, or combinations thereof. In the above-described embodiments, various steps or methods may be implemented in software or firmware stored in a memory and executed by a suitable instruction execution system. For example, if it is implemented in hardware, as in another embodiment, it can be implemented by any one of the following technologies known in the art or their combination: discrete logic gate circuits with logic functions for implementing data signals; Logic circuits, application specific integrated circuits with suitable combinational logic gates, programmable gate arrays (PGA), field programmable gate arrays (FPGA), etc.

Those of ordinary skill in the art can understand that all or part of the steps involved in implementing the method of the above embodiments can be completed by instructing relevant hardware through a program, and the program can be stored in a computer-readable storage medium. When executed, the program includes one of the steps of the method embodiment or a combination thereof.

In addition, each functional unit in various embodiments of the present disclosure may be integrated into one processing module, each unit may exist physically alone, or two or more units may be integrated into one module. The above integrated modules can be implemented in the form of hardware or software function modules. If the integrated module is implemented in the form of a software function module and sold or used as an independent product, it can also be stored in a computer-readable storage medium.

The storage media mentioned above can be read-only memory, magnetic disks or optical disks, etc. Although the embodiments of the present disclosure have been shown and described above, it can be understood that the above-mentioned embodiments are illustrative and should not be construed as limitations of the present disclosure. Those of ordinary skill in the art can make modifications to the above-mentioned embodiments within the scope of the present disclosure. The embodiments are subject to changes, modifications, substitutions and variations.

Claims (13)

1. A security vulnerability scanning task processing method based on robotic process automation RPA and artificial intelligence AI, wherein the method is executed by an RPA robot, and the method includes:

   Determine the task type of the target security vulnerability scanning task to be processed;

   According to the task type, start a security vulnerability scanning application corresponding to the task type;

   When the security vulnerability scanning application is started successfully, the scanning information of the target security vulnerability scanning task is configured in the security vulnerability scanning application, so as to perform the target security vulnerability scanning task according to the configured scanning information. Perform scan processing.
2. The method according to claim 1, wherein when the security vulnerability scanning application is successfully started, the scanning information of the target security vulnerability scanning task is configured in the security vulnerability scanning application to configure the scanning information according to the security vulnerability scanning application. The configured scanning information performs scanning processing on the target security vulnerability scanning task, including:

   When the security vulnerability scanning application is successfully started, a control for creating a target security vulnerability scanning task page in the security vulnerability scanning application is triggered to create a new target security vulnerability scanning task page corresponding to the task type. ;

   If the target security vulnerability scanning task page is successfully created, enter the scanning parameters corresponding to the target security vulnerability scanning task on the target security vulnerability scanning task page;

   When the input of the scanning parameters is completed, the control for scanning the target security vulnerability scanning task in the security vulnerability scanning application is triggered to perform scanning processing on the target security vulnerability scanning task according to the scanning parameters.
3. The method according to claim 2, wherein if the target security vulnerability scanning task page is successfully created, before inputting the scanning parameters corresponding to the target security vulnerability scanning task on the target security vulnerability scanning task page, the method further includes: :

   According to the task type, obtain a target file matching the task type;

   Based on natural language processing NLP technology, scan parameters corresponding to the target security vulnerability scanning task are extracted from the target file.
4. The method according to any one of claims 1 to 3, wherein the task type is host scanning, and starting a security vulnerability scanning application corresponding to the task type according to the task type includes:

   In at least one security vulnerability scanning application, the query scan handles a task type that matches the host scan Target security vulnerability scanning applications;

   Triggering a control on the target security vulnerability scanning application for displaying a login page to display the login page of the target security vulnerability scanning application;

   Enter login information on the login page to perform login based on the login information.
5. The method according to claim 4, wherein the login information includes account information and a verification code, and inputting the login information on the login page to perform login according to the login information includes:

   On the login page, in response to the input account information and displaying the setting content, trigger the control on the login page for obtaining the verification code;

   Receive target information through the instant messaging software associated with the account information;

   Based on natural language processing NLP technology, extract the verification code in the target information;

   Enter the verification code on the login page to perform login based on the verification code and the account information.
6. The method according to any one of claims 1 to 5, wherein the method further comprises:

   Verify that each scan parameter required for scan processing is empty;

   If at least one scan parameter required for the scanning process is empty, the scanning information of the target security vulnerability scanning task is re-configured in the security vulnerability scanning application.
7. The method according to any one of claims 1 to 5, wherein the method further comprises:

   Obtain the scanning processing information of the target security vulnerability scanning task;

   Based on optical character recognition technology OCR, identify the number of security vulnerabilities in the scanned processing information and the description information of each security vulnerability;

   Generate a security vulnerability scanning processing information file according to the number of security vulnerabilities and the description information of at least one security vulnerability;

   Send the security vulnerability scanning processing information file to the user terminal.
8. A security vulnerability scanning task processing device based on robotic process automation RPA and artificial intelligence AI, which is applied to RPA robots, and the device includes:

   The determination module is used to determine the task type of the target security vulnerability scanning task to be processed;

   A startup module, configured to start a security vulnerability scanning application corresponding to the task type according to the task type;

   A processing module, configured to: when the security vulnerability scanning application is started successfully, Configure the scanning information of the target security vulnerability scanning task in the scanning application, so as to perform scanning processing on the target security vulnerability scanning task according to the configured scanning information.
9. The device according to claim 8, wherein the processing module is also used for:

   When the security vulnerability scanning application is successfully started, triggering a control in the security vulnerability scanning application for creating a target security vulnerability scanning task page to create a new target security vulnerability scanning task page corresponding to the task type;

   If the target security vulnerability scanning task page is successfully created, enter the scanning parameters corresponding to the target security vulnerability scanning task on the target security vulnerability scanning task page;

   When the setting node status is that the input of scanning parameters is completed, the control for scanning the target security vulnerability scanning task in the security vulnerability scanning application is triggered to perform the target security vulnerability scanning task according to the scanning parameters. Scan processing.
10. An electronic device, including a memory, a processor, and a computer program stored in the memory and executable on the processor. When the processor executes the computer program, the method of any one of claims 1 to 7 is implemented. method.
11. A non-transitory computer-readable storage medium on which a computer program is stored, wherein when the computer program is executed by a processor, the method according to any one of claims 1 to 7 is implemented.
12. A computer program product comprising a computer program which, when executed by a processor, implements the method of any one of claims 1 to 7.
13. A computer program, including computer program code, when the computer program code is run on a computer, causes the computer to perform the method according to any one of claims 1 to 7.